apache: What is the difference between DoS and brute force attacks?

Notice: this page is a Chinese-English translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use or share it, but you must keep the same license, cite the original address, and attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/449650/

Date: 2020-09-13 17:08:58  Source: igfitidea

What is the difference between DoS and Brute Force attacks?

Tags: apache, security

Asked by Sulaiman

I was reading about DoS attacks on Apache servers, but the term "Brute Force" pops up sometimes. I know DoS attacks, but "Brute Force" seems to be similar. Is there a difference, or is it just another word for DoS?

Accepted answer by derobert

Brute force refers to a solution to a problem that relies on computers being fast to get an answer. Generally, it works by trying all possibilities. For example, if you want to know the sum of all numbers 1 through 100, you could do something like:


total = 0
for i in range(1, 101):   # visit every number in turn: that is the brute force part
    total += i

That'd be brute force. You could also notice that 1 through 100 contains 50 pairs totaling 101, and solve it like this:

total = 50 * 101

That's an intelligent approach. Note that brute force is generally easier to come up with.


The concept is extended to security in an obvious manner. For example, if you want to break into someone's account on a system that requires 8-character passwords, you could just start trying passwords — aaaaaaaa, aaaaaaab, ... — and eventually it'll work. That's brute force. You could try a list of common passwords (less brute force-ish). Or you could notice the site stores who you're logged in as in a cookie, and edit the cookie (not brute force).


Similar with breaking encryption. You could try all possible keys (brute force, not going to finish this lifetime on a reasonable cipher). Or you could analyze the cipher for weaknesses (very hard if it's a good cipher, definitely not brute force).

And, to tie it all up, if you want to take down a site, you could just send a bunch of traffic/requests/whatever in its general direction. That's brute force. That's a DoS attack.

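To make the password part of this answer concrete, here is an added example (not from the original answer) that runs the "aaaa, aaab, ..." exhaustive search against a stored hash and, beside it, the "less brute force-ish" word-list approach. The alphabet, salt, victim password and word list are constructed so the exhaustive search finishes instantly; the point is the keyspace arithmetic and the guess count, not the hash.

```python
"""Brute force versus smarter guessing against a stored password hash.

Added example; it is not from the original answer. The alphabet, the salt,
the victim password and the word list are constructed so that the exhaustive
search finishes instantly; the point is the keyspace arithmetic, not the hash.
"""
import hashlib
import itertools
import string

ALPHABET = "abcd"          # constructed: 4 symbols, so 4**4 = 256 candidates
LENGTH = 4
SALT = b"constructed-salt"
PRINTABLE = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def hash_password(password: str, salt: bytes = SALT) -> str:
    """Salted PBKDF2; the iteration count is what makes each guess cost something."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000).hex()


def keyspace_size(alphabet: str, length: int) -> int:
    """How many candidates an exhaustive search must be prepared to try."""
    return len(alphabet) ** length


def brute_force(target_hash: str, alphabet: str = ALPHABET, length: int = LENGTH):
    """Pure brute force: walk the whole keyspace in order (aaaa, aaab, ...).
    Returns (password, guesses_made), or (None, keyspace_size) if nothing matched."""
    guesses = 0
    for candidate in itertools.product(alphabet, repeat=length):
        guesses += 1
        pw = "".join(candidate)
        if hash_password(pw) == target_hash:
            return pw, guesses
    return None, guesses


def dictionary_attack(target_hash: str, wordlist):
    """The 'less brute-force-ish' approach: try likely passwords from a list first."""
    for guesses, pw in enumerate(wordlist, start=1):
        if hash_password(pw) == target_hash:
            return pw, guesses
    return None, len(wordlist)


def seconds_to_exhaust(alphabet: str, length: int, guesses_per_second: float) -> float:
    """Worst-case wall-clock time for a full search at a given guess rate."""
    return keyspace_size(alphabet, length) / guesses_per_second


if __name__ == "__main__":
    target = hash_password("dcba")                       # constructed victim password
    print("keyspace:", keyspace_size(ALPHABET, LENGTH))
    print("brute force:", brute_force(target))
    print("dictionary:", dictionary_attack(target, ["password", "123456", "dcba"]))
    days = seconds_to_exhaust(PRINTABLE, 8, 1e9) / 86400
    print(f"8 printable chars at 1e9 guesses/s: {days:.0f} days worst case")
```

The exhaustive search needs 229 guesses to reach "dcba" in a 256-candidate keyspace, while the three-word list finds it on the third try; scaling the same arithmetic to 8 printable characters gives a keyspace of 94**8, which is why the answer says exhaustive search on a good cipher or a long password will not finish in a lifetime, and why real systems put an expensive hash and a rate limit in front of every guess.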

Answer by LeopardSkinPillBoxHat

Brute force attacks use a technique of attempting to try every combination of passwords/keys to gain access to a particular system. What the hacker does when they gain entry to the system depends on the motivation of the hacker.

DoS (Denial of Service) attacks describe cases where the motivation of the hacker is to bring down the system, causing maximum inconvenience to the users of the system.

They can't really be compared against each other, as brute force is a technique to gain entry, and DoS is a type of attack. It is possible that an attack could be both brute force and DoS.

Answer by Reji

DoS or Denial of Service is an attempt to make a computer resource unavailable to its intended users. It generally consists of the concerted, malevolent efforts of a person or persons to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.

A brute force attack is a method of defeating a cryptographic scheme by systematically trying a large number of possibilities. For example, trying a large number of the possible keys in a key space in order to decrypt a message.

Answer by Sulaiman

Just to give an example of a DoS attack that doesn't involve brute force, pretend that there's a website that locks a user account after three failed login attempts. I know that you have an account on that site and I know that your username is jdoe. I decide I don't want you to be able to use the site so I try to log in as you three times, failing each time. Your account gets locked out and you have to call the admin to get it reactivated. Then I do it again the next week just to make a nuisance of myself. In essence I'm using the site's lockout feature to deny service to you, but brute force isn't involved.


I suspect that the confusion between the two stems from the following. The most popular cases of DoS involve overwhelming servers with network requests. Sounds like somebody is applying "brute force" to the server, and in common everyday language that might be right. But really brute force has a special meaning in computing. It describes algorithms that exhaustively search a solution space for a correct solution, instead of using more "refined" methods like heuristics, intelligent guessing, or whatever. So in security a brute force attack involves trying all possible keys, all possible passwords, etc.

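The lockout-based denial of service described in this answer, as an added example that is not part of the original post. It models a login endpoint under two policies: the naive one from the answer (lock the account after three failures, whoever sent them) and a hardened variant that counts failures per (username, source address) and throttles the offending source with a growing delay instead of locking the victim. The user, password and IP addresses are constructed for the example.

```python
"""Account-lockout denial of service, as described in the answer above.

Added example, not from the original post. Two lockout policies for the same
login endpoint: NaiveLockout locks the account after MAX_FAILURES bad
passwords from anywhere, so anyone who knows the username can lock the real
user out; PerSourceThrottle counts failures per (username, source IP) and
delays only the offending source. Users, passwords and addresses are constructed.
"""
import hashlib
import hmac
import time
from collections import defaultdict

MAX_FAILURES = 3


def _hash(pw: str) -> bytes:
    return hashlib.sha256(pw.encode()).digest()


USERS = {"jdoe": _hash("correct horse battery staple")}   # constructed account


class NaiveLockout:
    """Lock the account after MAX_FAILURES bad passwords, regardless of source.
    The lock is keyed by username only, which is the DoS lever in the answer."""

    def __init__(self):
        self.failures = defaultdict(int)
        self.locked = set()

    def login(self, user: str, pw: str, src_ip: str) -> str:
        if user in self.locked:
            return "locked"
        if user in USERS and hmac.compare_digest(USERS[user], _hash(pw)):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        if self.failures[user] >= MAX_FAILURES:
            self.locked.add(user)
        return "denied"


class PerSourceThrottle:
    """Count failures per (username, source IP) and back off that source with a
    growing delay; the legitimate user from another address is unaffected."""

    def __init__(self, clock=time.monotonic):
        self.failures = defaultdict(int)
        self.blocked_until = {}
        self.clock = clock

    def login(self, user: str, pw: str, src_ip: str) -> str:
        key = (user, src_ip)
        now = self.clock()
        if self.blocked_until.get(key, 0) > now:
            return "throttled"
        if user in USERS and hmac.compare_digest(USERS[user], _hash(pw)):
            self.failures.pop(key, None)
            return "ok"
        self.failures[key] += 1
        if self.failures[key] >= MAX_FAILURES:
            # exponential backoff for this source only: 2, 4, 8, ... seconds, capped
            delay = min(2 ** (self.failures[key] - MAX_FAILURES + 1), 3600)
            self.blocked_until[key] = now + delay
        return "denied"


def simulate(service) -> str:
    """Attacker at 203.0.113.5 fails MAX_FAILURES times as jdoe, then jdoe logs
    in from 198.51.100.7 with the right password. Returns jdoe's result."""
    for _ in range(MAX_FAILURES):
        service.login("jdoe", "wrong", "203.0.113.5")
    return service.login("jdoe", "correct horse battery staple", "198.51.100.7")


if __name__ == "__main__":
    print("naive lockout, victim's result:", simulate(NaiveLockout()))      # locked
    print("per-source throttle, victim's result:", simulate(PerSourceThrottle()))  # ok
```

Under the naive policy the victim is locked out without the attacker ever guessing a password, which is exactly the non-brute-force DoS the answer describes. Keying the counter by source is one layer, not a complete fix: an attacker with many source addresses can still spread the failures out, so production systems combine it with per-account anomaly signals, CAPTCHAs or step-up verification rather than a hard lock.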

Answer by Ross

A "brute force" attack refers to attempting every possible combination, usually in a cryptographic context. (For example, if I'm guessing your password, I can start with "a" and then "b" and then "c" and so on; or if I'm trying to solve a Sudoku puzzle, I can try every possible combination until I find one that works.)


Obviously this is unrelated to a Denial of Service attack (which usually refers to sending so many bogus requests that a server is overwhelmed). If you're seeing both phrases in the same context, the author is probably confused.
